1. Field of the Invention
The present invention relates to file retrieval, and more particularly to a method and a device for retrieval of an encrypted file storing encrypted data.
2. Description of the Related Art
With the popularization of the Internet, a multitude of various types of information are provided on the Internet. However, for entities that offer information, there is the security risk that information that should not be offered, such as personal information or company information, will be leaked onto the Internet or stolen. Techniques exist for encrypting database files as a safeguard against leaks or theft. Nevertheless, the information of a database file must still be provided to members who need the indispensable information within a company, and techniques are necessary for retrieving encrypted files.
The most basic retrieval method for an encrypted file is to decrypt all of the encrypted file data content, store the decrypted data in another database file of the same structure, and then retrieve the decrypted data from this file. This method will be referred to hereinbelow as the first method of the prior art.
Another method of retrieval of an encrypted file is described in Japanese Patent Laid-open No. 11001/2000. In this prior-art method, an encrypted file is retrieved by encrypting a retrieval keyword that has been inputted as normal text. In more concrete terms, a plurality of files that have been encrypted beforehand are decrypted, sets of keywords contained in each file and file names in which the keyword was contained are extracted, and an index is generated in which the keywords in each set are encrypted. For example, if the keyword “Suzuki Ichiro” is contained in a particular file A, a set is generated containing the encrypted data of “Suzuki Ichiro” and the name of file A. The encrypted data is generally a random data string, and because this notation can be complex, an alphabet character string will be used in this specification for the sake of convenience. Here, the result of encrypting “Suzuki Ichiro” will be assumed to be “zdsiukiio.” Next, if “Suzuki Ichiro” is entered as input from the user as the retrieval keyword, this entered input “Suzuki Ichiro” is encrypted to generate the encrypted retrieval keyword “zdsiukiio,”. This encrypted retrieval keyword “zdsiukiio” is collated with the encrypted keywords in the index, and the name “file A” is extracted. This method is referred to hereinbelow as the second method of the prior art.
The first method of the prior art entails some security risks because decrypted data are in the database.
In contrast, although the second method of the prior art ensures confidentiality of data in the files because retrieval is performed with data in an encrypted state, retrieving data in its encrypted state severely limits the types of retrieval that can be performed.
When retrieving information regarding an individual, for example, the full name that specifies the individual may in some cases be used as the retrieval keyword, but in other cases, the individual's family name alone may also be used as the retrieval keyword. Although a complete-match retrieval is possible when the key item of the encrypted file is the full name and the full name is encrypted, a partial-match retrieval cannot be performed when the family name is used as the retrieval key. For example, if the full name is “Suzuki Ichiro,” the encrypted data of the family name “Suzuki” is not included in the encryption “zdsiukiio” of the entire name.
As another example, when retrieving personal information, a case can be considered in which numerical information such as age is used as the retrieval key and persons older than a particular age are to be retrieved.
However, it cannot be guaranteed that the original relation between ages 40 and 20 can be maintained in encrypted data of ages 40 and 20, and retrieval under these conditions cannot be performed.